Recent Posts

Recent Blog Posts

The PhishLabs Blog

The 2017 Phishing Trends & Intelligence Report is now available!

On behalf of the PhishLabs R.A.I.D., I'm proud to announce that the 2017 Phishing Trends & Intelligence Report has been released. As with last year's edition, the report provides first-hand, in-depth view of the events and trends that are shaping the phishing threat landscape. It provides insight into the major trends, tools, and techniques used by threat actors to carry out phishing attacks. It also provides the context and perspective needed to understand why these changes are happening.

One of our key findings shows that the phishing business model is quickly evolving, directly impacting who is being targeted and why. As a population, phishers always seek out the biggest opportunities to profit. Historically, this has led to financial institutions being the dominant target by a wide margin. This is no longer the case.

While the volume of attacks targeting financial institutions has not declined, the volume of attacks targeting cloud storage sites has grown rapidly and is now practically even with financial institutions. We expect cloud storage sites will surpass financial institutions as the top target in 2017.

In addition to many other findings, the 2017 Phishing Trends & Intelligence Report examines this trend in detail. We explain why it is happening and how phishers are exploiting common practices to to exponentially increase their potential profits.

The source data that is analyzed and dissected in the report comes from PhishLabs' own operations and technology systems. To gain a sense of these intelligence holdings, consider:

We analyzed nearly one million confirmed malicious phishing sites in 2016 across more than 170,000 unique domains.

We investigated and took down the infrastructure supporting more than 7,800 phishing attacks each every month.

We analyzed thousands of unique malware samples from more than 100 ransomware variants and more than 20 banking Trojan families.

Leading financial institutions, social media sites, healthcare companies, retailers, insurance companies, and tech companies use our services to fight back against phishing.